With UEK R5U5, Oracle continues to deliver kernel modifications to enable support for 64-bit Arm (aarch64) architecture. These changes are built and tested against existing Arm hardware and provide support for Oracle Linux for Arm. Features described in this document are available for Arm insofar as the hardware is capable of supporting the feature that is described. Limitations and items that are beyond the scope of current development work for Arm are described in more detail in Unusable or Unavailable Arm Features.

UEK R5U5 provides core kernel functionality that is equivalent to UEK R5U4 and makes use of the same upstream mainline kernel release and upstream LTS bug fixes. Additional patches to enhance existing functionality and provide some minor bug fixes and security improvements are also included. Key changes are specific to the functionality that is required for Oracle Database and other Oracle software.

Optimizations to the code that handles page cache clearance can improve performance in KVM for large guests, which can result in much quicker start-up times. These optimizations offer significant performance gains: the changes are localized to the hardware platforms for which they are designed, such as Intel's next-generation Icelake server hardware platform. These changes do not impact other hardware platforms.

The following notable file system changes are implemented in UEK R5U5:

• Btrfs

  Several security issues for Btrfs were backported and are resolved in this update release. Upstream bug fixes are also applied to this release.

• CIFS

  Upstream bug fixes are applied to this release.

• Ext4

  Multiple upstream bug fixes are applied to this release. A security issue is also resolved in this release.

• NFS

  Multiple upstream bug fixes are applied and two security issues are also resolved in this release.

• OCFS2

  Several bugs that are fixed in the upstream 5.7 kernel release have been backported to this update release for OCFS2. An unused function is removed from the source code to reduce bloat and improve performance. A bug fix is applied to better handle changes to ACLs so that a remount is no longer required to display these changes. A fix is applied for an issue that caused reflink operations from some nodes to hang for very long time while waiting for the cluster lock on an orphan directory.

• XFS

  Upstream bug fixes, including a fix to resolve a build warning, as well as a security patch, are applied in this update.

UEK R5U5 supports 1/10/25/50/100 Gb Ethernet ports. 200 Gb Ethernet ports are not enabled in UEK R5U5, as the changes that are required to support this feature affect the kernel ABI. Oracle maintains kernel ABI compatibility through the entire UEK R5 lifecycle. If you require the use of 200 Gb Ethernet ports, use UEK R6.

Remote Direct Memory Access (RDMA) is a feature that allows direct memory access between two systems that are connected by a network. RDMA facilitates high-throughput and low-latency networking in clusters.

Unbreakable Enterprise Kernel Release 5 Update 5 includes RDMA features that are provided in the upstream kernel, with the addition of Ksplice and DTrace functionality and Oracle's own RDMA features, which includes support for RDS and Shared-PD.

Notable changes to the RDMA implementation in UEK R5U5 include the following:

• Improvements to RDS failover/failback performance

  RDS handling of failover and failback is improved to boost performance. Most significantly, a change in the RDS connection algorithm called "RDS yields" resolves issues that caused RDS connections to hang for periods when two parties attempted a simultaneous connection. Additionally, changes are implemented to prevent sleep within worker threads, which could block other work on the same work queue.

• Improved tracing on RDS for debugging

  Tracepoints have been added to RDS code for support within eBPF and DTrace, to replace legacy debugging mechanisms. These changes enable better debugging and integration with existing tracing tools.

• RDMA bug fixes and optimizations

  General bug fixes and optimizations for RDMA are also included in this update release, including the resolution of a bug to properly handle RDMA cancel requests.

The following notable security features are implemented in UEK R5U5:

• securityfs interface for Secure Boot lockdown mode added

  The lockdown file for the securityfs interface (/sys/kernel/security/lockdown) now includes capability for reading and setting the Secure Boot lockdown state. For example, you can use the cat command to view the current configuration and use a piped echo command to set a new value:

  $ sudo cat /sys/kernel/security/lockdown
  [none] integrity confidentiality
  $ sudo echo 'integrity' > /sys/kernel/security/lockdown
  $ sudo cat /sys/kernel/security/lockdown
  none [integrity] confidentiality

  Note that after a lockdown mode is set, you are unable to write to this file again without a system reboot with lockdown disabled.